* Posts by Naselus

1555 publicly visible posts • joined 26 Aug 2014

Google dumps 12,000 employees after project probe

Naselus

"We hired for a different economic reality than the one we face today."

I mean, you could just say 'We hired too many people by mistake', but then I guess that would involve admitting fault, where as this way you can pretend you were right to hire them and then the universe got it wrong by failing to match your expectations.

Microsoft Defender ASR rules strip icons, app shortcuts from Taskbar, Start Menu

Naselus

Re: My Linux VM

How can you tell if someone's a Linux user?

Don't worry, they'll tell you. Constantly. In discussions where it has zero relevance.

Naselus

Re: Have the same issue

For anything that's come in via MSIExec, scrape msi install guids and then foreach loop the list through msiexec /fs.

My (extremely quick and dirty) PS code is:

$list = get-wmiobject win32_product | select identifyingnumber

foreach ($thing in $list){

msiexec /fs $thing.identifyingnumber /q

start-sleep 10}

Parody Elon Musk Twitter accounts will be suspended immediately, says Elon Musk

Naselus

"People forget he was looking to flip Tesla early on, but none of the major car makers would bite and he got stuck with it, which ultimately seems to have worked out pretty well for him so far. "

Given that Tesla's valuation is based far more on incels throwing money at Musk's reputation as a 'genius' than it is on anything to do with its poor business prospects, weak market position and rock-bottom status in the self-driving tech hierarchy, we'll see how well it works out for him once the very public shitshow he's making of running Twitter plays out.

The Souls noob's guide to Elden Ring

Naselus

Re: Good/Bad

It's almost hilariously over-rated at this point tbh. You read games sites bending over backwards to try and proclaim how some terrible feature of Elden Ring is actually brilliant because it's part of the 'creative vision'.

The game's combat is great; it feels meaty and visceral. And it's not afraid to challenge the player, which many modern games very much are - I don't need the game to pop up a 'suggestion' on where I should go next if I don't do anything for 30 seconds (which is literally something that they teach you to include in games design courses. They also teach you that 'the player should never be able to lose', which is dreadful advice). It's extremely satisfying to defeat an enemy, as mistakes are brutally punished and so managing to down a boss means you know you've played more or less perfectly.

However, everything else is mediocre. The graphics are very dated. The engine is sub-par and the performance issues on modern PC hardware are inexcusable. The frame rate lock on PC is absurd; the keyboard and mouse controls are poor, and you can't even remap several keybinds because apparently Fromsoft just outright forgot to include them in the options menu.

The story is frankly incomprehensible from in-game (I've completed the game and didn't know half the stuff mentioned in the article). The open world is a lifeless, empty thing with few quest givers and otherwise inhabited by endless bands of wandering monsters like an early-2000s MMO. It's largely just a selection of swamps and forests. Your actions have very little impact on the world around you, in a manner which most open world games get slammed for, but for some reason Fromsoft games don't.

The UI is extremely bad. This is repeatedly hailed as some kind of visionary minimalism but in many cases it's actually just obtuse and lazy design. You can't compare kit in shops against your existing gear, so you can't tell if it's better or not unless you either buy it, or else write down your present armour's stats on a scrap of paper. There's no quest log, or notes of any kind. Buffs are just symbols which are never explained anywhere, so you may have no idea what the hell the icons mean unless you look them up on a third party website.

Combat mechanics are not really explained to the player at all, so quite a lot of the game's much-vaunted difficulty is simply a matter of not really knowing what the hell is going on. Once you understand stuff like i-frames, or the interaction between stamina and block, or what poise actually is, the combat becomes much easier. You will need to look up all these concepts in third-party guides, however, as this information is not presented in game at all.

The game is incredibly grindy. You need to spend hours and hours farming runes from trash mobs, and the runes you get from a given enemy only loosely correlates to how difficult the enemy is - you might get 400 for killing a huge giant that can 1-shot you and has a giant melee range, but get 1000+ from weedy slow human-size grunts who only take a couple of hits to kill. Many of the best armour pieces likewise require repeatedly killing specific trash mobs over and over; there's one specific knight in the first major dungeon who can drop very good armour pieces with a very low drop rate. Again, discovering this requires either exceptional luck, or resorting to third party websites.

The lack of difficulty options is routinely held up as a vital design decision to maintain the True Creative Vision, but including an easy mode that reduced enemy health and damage by, say, 30% each, or simply increased runes per kill by 20% so you levelled up quicker would not have been some terrible compromise.

Ultimately, it's a good game. But it's in no way perfect and honestly I've no idea why so many reviewers are terrified to admit that it isn't, possibly for fear of a legion of toxic fanboys flooding their review's comment section with 'GIT GUD!!' bollocks. Either that, or they've been so starved of decent games over the pandemic that even something fairly average like ER looks amazing at this point.

Fujitsu: Dumping older workers will wipe out quarter of forecast profit

Naselus

Re: Disgusting..

Pretty sure I recall who $university refers to, and the substantial premiums they ended up having to pay out to replace all the workers they'd believed to be redundant paid for a substantial portion of my house.

Only 29% of techies truly want to stay in current job

Naselus

There'll always be an office so those with kids or lack of decent WFH space have somewhere to go.

But yes, anyone who thinks the vast majority of the workforce will continue to accept the old excuses for having to work on-prem can come back is deluded. WFH was an effective overnight 2 grand payrise for me just from dropping my commute, even before we take into account an extra hour in bed in the morning, and extra hour of free time in the evening, lack of stress from the abysmal state of the local trains, and generally better access to things like a visit from the plumber or being able to nip to dentist or the doctor during the week without having to take the full day off for it.

I'd probably be willing to take a 5 grand pay cut overall to keep WFH if my employer tried to force us back on prem, tho thankfully they have no interest in doing so either. Probably because they've benefited as much as the staff have from us not needing to take random days off to get the boiler fixed or have a filling done.

Naselus

Re: Fantasy meets reality

Willing to bet most won't, over five years. Everyone under 40 chops and changes more regularly than that by default anyway.

Where are the (serious) Russian cyberattacks?

Naselus

Re: "Putin may not be insane"

Actually, his behaviour has been entirely rational.

Ukraine is a vital strategic asset for Russia. It's three minutes flight time from Moscow. Any great power would be entirely willing to go to war to prevent such a location from joining a nuclear-armed, hostile military alliance (and prior to the invasion, Russia's list of demands largely boiled down to 'we want guarantees Ukraine will not join NATO ever, or else we will need to invade it to ensure it doesn't'. They were quite open to discussing the 'swissification' of Ukraine, but we weren't). This is literally an exact parallel of the Cuban Missile Crisis, from the Russian point of view (and the invasion has turned out to be a pretty direct parallel of the Bay of Pigs, too).

Moscow has been entirely open and clear about this being it's position since at least 2008, when we first started making noises about inviting Georgia and Ukraine to NATO, because Putin is an old Cold Warrior and understands that you need to make your red lines clear to your opponent in a game of nuclear chicken. It is the reasoning behind the invasion of Georgia (which happened just 4 months after the Bucharest conference where NATO declared it's intention to extend into Georgia), the annexation of the Crimea (where Russia's main naval base is located, and which occurred mere days after the Maidan revolution brought a Russophobic government to power), and now the invasion of the rest of Ukraine.

To present this as inconsistent or insane is, frankly, absurd.

Ukraine is not a vital strategic asset for NATO, and NATO was equally clear that there was no circumstances in which it would deploy troops against Russia to defend Ukraine. This alone means that really, we should have offered at least some concessions to assuage Russia's (actually pretty reasonable, in pure cold war logic) strategic concerns. If we actually needed Ukraine in NATO, then we'd already have boots on the ground there; the fact we're not willing to do that tells you that there was no sane reason to be discussing Ukraine joining in the first place. Much of the 'negotiations' preceding the war was simply Western nations telling the Russians 'we will do nothing to actually stop you doing this, and we don't even particularly want Ukraine, but we think you should be the one who has to back down'.

And this genuinely IS insane. Russia is basically following the standard script of Great Power politics as it's existed since the Egyptians and the Hittites were bickering over the Levant four thousand years ago, and the West are ignoring that script in order to try and expand NATO into a country that it doesn't need, which equally was under no threat until it started talking about joining NATO, for no reason other than 'making NATO bigger is automatically an unalloyed good'.

The result of that is that Ukraine will at very least be bombed back to the stone age (if not subjugated and put under a puppet government), and Russia will end up as a much bigger, much more dangerous North Korea with 4000 nuclear warheads on the edge of Europe. Presenting this as one man going insane in a tiny bunker in Moscow is absolving the West of over a decade of astonishingly incompetent grand strategy and diplomatic policy.

Enterprise IT finds itself in a war zone – with no script

Naselus

Re: Cutting Russia off from the InterWebs is stupid

He's right, China isn't going to invade Taiwan. Invading would require them to recognize it as not already part of China, which they strictly don't.

They instead want to engage in "troop movements into integral Chinese regions which have until recently remained under extended rebel control".

Zero trust? Not yet a must for most IT departments

Naselus

I think the main problem IT security has from a budget perspective is that for any company with X turnover, the minimum cost to properly secure it's systems turns out to be 1.5X annually.

And this then comes with a bunch of caveats on top: If a nation state actor targets you, it doesn't matter how much you spent cos they will get you anyway; productivity will be reduced by X% because it turns out half the company are cutting corners just to achieve their current targets; it's all ultimately futile anyway because so-and-so on the board will insist on emailing everything to his personal gmail account regardless and is too senior to overrule.

Microsoft veteran demystifies Abort, Retry, Fail? DOS error

Naselus
Coat

Oh, I thought it was just quoting what some wormdog scrawled next to the door of the Edit Universe project room.

£42k for a top-class software engineer? It's no wonder uni research teams can't recruit

Naselus

Re: if the salaries were improved./ Universities need serious reform across the board

"What about reducing number of students (and the professors) especially in dodgy subjects like media studies in thirds-rate universities"

Those dodgy subjects tend to be the profitable ones for teaching. A media studies professor is unsurprisingly cheap, given his PhD is pretty useless for any other job, and his subject is the kind of easy fare that attracts third sons with daddy's credit card paying the fees. These subjects are often not really 'dodgy' at a post-grad level - it actually does make sense to have a Media Studies component in a PhD subject in various social sciences - but make no real sense as an undergrad degree, aside from paying for the professor's salary while he does useful research.

STEM subjects, on the other hand, usually lose money from teaching because the professors are better paid (a mathematician can go and get a job as a quant in the city on 150k at the drop of a hat) and there's fewer wealthy-background students. They rely much more on grant money from research to top them up... but that's a speculative venture that may amount to nothing.

Naselus

Re: IT person

"The people making the monetary decisions are on £80 and don't have a clue because they have a degree in underwater basket weaving but got onto the management gravy train."

This. The most telling line in the article is 'How many people do you manage?' as if that is in any way relevant compared to IT skillsets. Our Helpdesk manager has a dozen direct reports, but he certainly doesn't earn as much as the enterprise architect who has none.

Even when I start in IT twenty years ago, many companies would have separate pay structures for management and engineers, and the very specialist engineers would often get paid similarly to junior or mid-level executives at the high end, where the manager who they nominally reported too was basically a glorified secretary who handled the admin busywork that the engineers were too expensive to waste time on.

Universities and (especially) the civil service simply don't get this. There's the assumption that learning how to 'do IT' is less complex than learning to be a plumber and can probably be handled by being sent on a two week course from the job centre, and the idea that a particularly high-end software engineer or enterprise architect has the level of specialist knowledge equivalent to a partner in a law firm or a senior medical consultant is beyond them. They only understand the idea that you're admin staff, and as admin staff are promoted they get underlings, so seniority is entirely a function of direct reports.

No-one pays doctors or lawyers based on how many staff report to them. No-one should expect to pay higher-end IT staff like that either.

Happy birthday, Windows Vista: Troubled teen hits 15

Naselus

Re: The main issue...

Absolutely this. Vista actually forced peripherals to use secure device drivers, and in doing so revealed that almost no vendors had been writing them properly. The fact that MS got blamed for fixing this, often by people who had spent the previous decade banging on about Windows being a security shit show, has always struck me as rather unfair tbh.

Vista was really the point where Microsoft started taking security seriously, and they should have been praised for it. Instead, everyone crapped all over them for it.

Naselus

Re: Windows stopped being good....

Oh look, someone wants us to know they use a Linux distro.

Log4j doesn't just blow a hole in your servers, it's reopening that can of worms: Is Big Biz exploiting open source?

Naselus

Re: JNDI concerns

"Enabling it by default was a choice made in a kinder gentler age."

It was a choice made in 2014. We're not talking about something buried in the code since 1993 and forgotten about. The same behaviour existed and was disabled by default in every 1.x version of log4j.

It's not like RCE vulns were completely unheard of seven years ago. I've a great deal of sympathy for the maintainer's complaint about getting zero corporate support for a FOSS package that appears to be running the log files of half the internet, but the decision to change it to enabled by default in version 2.0 was clearly a bad idea even when it was implemented.

Computers cost money. We only make them more expensive by trying to manage them ourselves

Naselus

Re: Or getting an efficient dog.

"10 years down the road, they no longer have that one-trick pony in their stable."

No, but 10 years down the line they'll announce that they can achieve an astonishing reduction in the projected 5-year opex costs with a one-time large-scale one-time capex outlay...

Chip makers aren't all-in on metaverse hardware yet – we should know, we asked them

Naselus

tbh, if Facebook is running it then any 'Virtual World' tey create will end up looking like The Purge within about 3 weeks

Say what you see: Four-letter fun on a late-night support call

Naselus

Re: It does beg the question...

Clearly, one of the perks of being a late-night hospital security guard is being able to x-ray bits of yourself whenever you feel like it. And this perk is so official that the guards have no fear of ringing up IT support if their off-book x-raying breaks the multi-million pound piece of equipment somehow.

Naselus

Re: The joys of the phonetic alphabet

"R for Roger, O for the second letter of Roger, G for the third letter of Roger..."

Naselus

Re: How to deal with calls

A brilliant plan only slightly let down when Dave in Glasgow rang you at 2am to let you know the exchange server was down.

Locked up: UK's Labour Party data 'rendered inaccessible' on third-party systems after cyber attack

Naselus

Re: "Cyber"

But who else will we tell the different between infosec workers and retrained ballerinas?

The pandemic improved the status of IT workers … forever

Naselus

Re: Nah, not for me.

"I am yet to see evidence of that."

Literally every one of my first 5 jobs was one of these fake contract roles. I was an employee in all but name... and benefits. So were the various jobs that my partner managed to obtain after leaving uni ten years ago. Go to your local hospital; all the cleaning staff are 'independent contractors'. Same in any hotel chain. If you go to your local football match, then most of the stewards there? Supposedly contractors. Uber drivers? Amazon delivery workers? 'Independent contractors'. And this is not exactly poorly documented in the media, and the legal battles of Uber drivers in particular to be recognized as employees have been widely publicized.

So even if you have somehow managed to sit on some kind of pedestal only jumping from permie role to permie role from the minute you left high school, the only plausible reason you've not seen evidence for this is because you've not been looking.

Naselus

Re: Nah, not for me.

"Basically big consultancies were pissed off by independents undercutting their rates and greased treasury and HMRC to put an end to that. Chancellor with his wife's Infosys was the man they needed to finish the job."

Not entirely. There was a considerable trend of companies setting up disguised employees who had no desire to be contractors which also needed to be quashed. A lot of low-wage positions (cleaners, customer service advisors, sales monkeys, service desk jobs) were made 'contractors' despite the contracts in question being more or less identical to waged positions, with all the benefits taken out.

Screwing over genuine small-time external contractors on behalf of Tory donors was just a bonus.

Intel claims first Alder Lake chip is the fastest desktop gaming silicon in the world

Naselus

YC++? Luxury! Back in my day we'd wake up int shoe box, walk uphill in 32 feet of snow t'code factory, and then chisel Fortran operations into clay tablets in cuneiform for running on a rotating drum feed....

Oh, are we not doing the Four Yorkshiremen bit?

Google's VirusTotal reports that 95% of ransomware spotted targets Windows

Naselus

Re: The hubris of Apple (oops I meant Google)

"If there was a target that would be quite easy to attack, it would be school children. Generally, at age 12 - 14 or thereabouts, they aren't that savvy about security."

I eagerly await hearing about the multi-million dollar payout you manage to secure from Sophie, age 12, after you crypto-lock her 1200-word essay on why she enjoyed reading Black Beauty.

Naselus

Re: Why this Obsession with Ransomware?

"I really do not understand this obsession of the infosec industry with ransomware."

It's currently very trendy with attackers. It's much like how in 1940, Londoners became obsessed with German bombers, despite there being other, much more efficient ways to kill people.

Apple warns sideloading iOS apps will ruin everything

Naselus

Re: App stores are de-facto monopolies and should be treated as such

"m not saying I agree with it but legally for them to have a monopoly they'd have to have a monopoly on hardware supply which they do not,"

No, that's not true at all.

No-one is contesting hat Apple have a monopoly on the phone market. They're contesting that Apple have a monopoly on the after-market of iPhone users - which they do. The end user is not the person being targeted and disadvantaged by the monopoly in question; instead, iOS app developers are being forced to sell their product via the Apple storefront, and are being forced to pay Apple fees for that at whatever price Apple chooses to demand. There's no other option if you want to sell to iUsers.

Apple have created a position where they have a product (access to iPhone users) that customers (iPhone app devs) need access to, and where Apple is the sole possible provider of that access. There is no competition in that market, and no competition is even possible. That is not just a monopoly, it's an incredibly aggressive one, far more egregious than anything Microsoft tried in the 1990s.

How Windows NTFS finally made it into Linux

Naselus

Re: I can only warn

I dunno, NTFS has been fine for me for, oh, nearly 30 years. The problem really is that it's now been fine for me for NEARLY 30 YEARS.

A lot of the 'powerful features' it introduced in Windows 3.1 times are looking pretty petty these days. Even MS's own doco for it testifies to it's age, advising that it's the best choice for 'disks over 400MB in size'.... at a time when I'm ordering 10TB drives for my home desktop. Things that seemed like generous limits in 1993 (16 exabyte volume size; severe performance degradation when you go over a few thousand files; 255 character ile name limits) are feeling a lot more restrictive in 2021.

Brit MPs blast Baroness Dido Harding's performance as head of NHS Test and Trace

Naselus

No, I don't think it's equally appropriate. They deserve some blame, but the idiot who hired them is ultimately responsible for pissing a vast amount of money up the wall hiring a group of people who couldn't deliver. Literally the whole point of her position was to be responsible for finding, hiring and managing people who could deliver it.

The only people more deserving of blame for the fiasco are Matt Hancock, for deciding that the correct person to handle a vital effort for responding to a life-threatening national disaster was 'my chum from the jockey club', and Boris Johnson for appointing Matt Hancock to a position where he could make that decision.

Naselus

Re: Share the blame

Yes, it definitely contributed to me choosing to avoid it too. I wouldn't trust her with my dog's medical information, and I don't have a dog.

But even if you ignore the data breach, Harding's record at TalkTalk was one of utter incompetence; she lost 10% market share in 5 years, mis-allocated resources on a grand scale, and then responded to the financial mess she had created through aggressive 'cost cutting' of her already underfunded infosec team. The data breach and ensuing PR disaster was just the crowning glory of Dido's career path of being lavishly rewarded for totally failing to manage the most basic aspects of her job.

Even if she wasn't the modern face of data insecurity, she'd have been an extremely poor appointee to run anything more complex than a corner shop.

Naselus

The ultimate poster-girl for failing upwards does it again

Fatal Attraction: Lovely collection, really, but it does not belong anywhere near magnetic storage media

Naselus

Yes, particularly by the time period the story alleges to be set, the idea that some fridge magnets were corrupting the hard drive of a machine is silly. This is a layman's understanding of magnets and magnetic media.

Here's a website from a company who manufacture very strong magnets, outlining how they stuck two very large neodymium magnets to the case of the hard drive itself (not the case of the PC), and it did... absolutely nothing: https://www.kjmagnetics.com/blog.asp?p=hard-drive-destruction

Not a single file was impacted. And this is using rare-earth magnets so powerful that they literally come with a safety warning and cannot be separated by hand, placed within half an inch of the surface of the disk itself. A few 'Greetings from Torbay' fridge magnets stuck to the outside of the case are nothing in comparison.

One-size-fits-all chargers? What a great idea! Of course Apple would hate it

Naselus

"In a statement, a spokesperson for Apple told The Reg"

They really must be at panic stations if they've suspended the "we don't talk to titles who said something mean to us once 27 years ago" policy

Tech widens the educational divide. And I should know – I'm a teacher in a pandemic

Naselus

The problem is that the format of schools has very little to do with educating students, and quite a lot to do with babysitting while parents are at work. Keeping the kids at home rather laid this bare.

All studies suggest that a highly trained adult (multiple post-grad degrees and years of experience and training) can engage in creative learning for perhaps 4 hours in a day, split into 3-4 separate periods. For untrained children, it is likely that, in ideal circumstances, at best, they can realistically manage an hour and a half split into two or three fairly short sessions, starting no earlier than 11am so the kids are well-rested and ready for some actual work. Lecturing from the blackboard starting at 08:30 is possibly the worst method of delivering learning, and schools appear to willfully go against any academic advice on how best to improve educational outcomes.

Ultimately, you could probably achieve better learning outcomes keeping the kids at home and engaging in maybe 2 hours of well-crafted, engaging educational content a day. Trying to replicate school's failed 8-hour model at home was doomed to fail, but the problem wasn't to do with tech or hybridization - the content is the issue and however you choose to deliver it it's been failing the majority of pupils for decades.

When the bits hit the fan: What to do when ransomware strikes

Naselus

Re: Did Mr Connor ask the finance director

Yes, it's remarkable how effective the phase 'And can I get that in writing?' is at making senior managers suddenly take something seriously.

Docker’s cash conundrum is becoming a bet on a very different future

Naselus

Re: "Progressive pricing may seem dangerously like socialism"

ow have you read the Register this long with a broken snark detector?

Apple engineers complain of hostile work environment to US labor watchdog

Naselus

Re: Obviously Someone Hasn't Been Reading Stuff

" As a "right to work" state both employer and employee are free to terminate their relationship at any time without prejudice. "

Uh, California is not a right to work state, and that is not what right to work means anyway.

"The right-to work-law lets employees get the benefit of union contracts without paying dues and fees to a union." - https://www.upcounsel.com/right-to-work-law

Trial of Theranos boss Elizabeth Holmes begins: She plans to say her boyfriend and COO Balwani abused her

Naselus

Re: Mad as a cut snake

"er... this appears to be, broadly speaking, the tactic and strategy of ANY business venture :)"

Roughly speaking, every episode of Shark Tank is an attempt to figure out precisely how much to bet that the CEO can reach IPO before everyone discovers the idea is a complete crock of shit.

Naselus

Re: Going to be a tough sell

Given the absolute shenanigans her lawyers have already gotten upto thus far, I don't find this latest approach any more credible than the last lot. They've pretty much exemplified 'if you don't have the law or the facts on your side, pound the table' over the last, what, five years?

See that last line in the access list? Yeah, that means you don't have an access list

Naselus

Honestly, almost everywhere I've worked in the last ten years has turned out to have an any-any allow buried in it's firewalls somewhere. Usually added in time immemorial and requiring literally days of plodding through traffic captures to kill off.

US SEC chair calls for crypto regulation

Naselus

Re: Probably Long Overdue

"Because many see the disconnect between labour and value as a fundamental problem with our economy."

You can believe that the disconnect between labour and value is a problem without automatically having to believe that all labour necessarily has value. Breaking large rocks into small rocks with a teaspoon requires a lot more labour than doing it with a sledgehammer. This does not mean that teaspoon-broken small rocks have more value to a small-rock buyer than sledgehammer-broken ones.

Ultimately, you're arguing an economic tautology - 'why did you spend so much effort making this? Because it has value. But why does it have value? Because I spent so much effort making it...."

Remember Anonymous? It/they might be back, and it/they are angry with Elon Musk

Naselus

Re: I thought ...

There's little overlap.

Anonymous is made up of people posting jokes on 4Chan.

QAnon is made up of people who can't tell what Anonymous posted was a joke.

Elon Musk hits the brakes on taking Bitcoin for Tesla purchases

Naselus

Re: Fantastic Market Opportunities ...... Ponzis to the Moon and Achilles Heel Arrows

Amanfrommars isn't left or right, his political affiliation is probably best described as either 'upside down' or 'lemon flavoured'.

Intel throws sand in the face of 'musclebooks' with 10nm Tiger Lake tech

Naselus
Joke

Comparable

"The Core i9-11980HK, for example, is an eight-core 2.6GHz-4.9GHz component touted as outpacing a comparable AMD by around 20 per cent "

'Comparable' in this case meaning 'one from 3 years ago'.

SolarWinds CEO describes overhauled Orion build system after that 'very small, unique' security breach

Naselus

Re: Time warp

It's all relative to Csuite execs tbh. For example, 18,000 is a small number when it's being added to their own paycheck, but a very large number when I'm asking for it to be added to mine.

Train operator phlunks phishing test by teasing employees with non-existent COVID bonus

Naselus

Re: I did something similar

I recall at least one very long day back on the helldesk twenty years ago wasting several hours trying to explain to a customer's CEO that no, I could not get the money he'd sent over to the Nigerian Prince two weeks earlier back. All while trying desperately not to use the term 'your own stupid fault'.

Often, more highly educated people are more vulnerable, since they're more likely to be in position where they get used to receiving legitimate emails asking for them to send money around. This idiot thought it was a genuine business opportunity because he got real business emails every day which weren't particularly different from this - emails sent from blackberries with awful spelling asking him to transfer 20 grand over.

Naselus

Re: The whole intention of a phishing attack is to make it both believable and tempting

One of our customers spoofed one of our genuine email addresses to conduct an internal phishing test. And then some of their (blissfully unaware) users contacted us to warn us that someone had spoofed our email address.

I'm still surprised we didn't sue them for wasting our whole IT department's time for a full morning tbh.

Naselus

Re: But isn't this what (real) criminals would do?

Yes, it's a perfectly valid and effecting phishing test. On the other hand, the timing might be considered poor taste.